Videos31 articles

Control flow is much more than step over. You can “jump” to arbitrary code offsets while debugging to reproduce elaborate states and behaviors!

New online course is launching with the first video ready to view. More are coming in the coming months, also the book is ready for preorder!

Learn about JavaFX and Brain-Computer Interfaces: data collected non-invasively (head wraps with cables) and invasively (brain implants).

Learn the difference between application servers and web servers, what an application server can do to make your life as a developer easier!

When I ask Java developers whether they profile, the answer is usually “no”. A reason is the lack of info and knowledge for everyday developers.

In this myth-busting webinar, Steve Millidge (founder of Payara), demonstrates that Java/Jakarta EE can do microservices.

Deserialization vulnerabilities work natively in Java and how attack chains are created. This problem is also not restricted to Java’s custom serialization framework. When deserializing JSON, XML, or YAML, similar issues can occur as well. This talk shows some pointers on how to mitigate these problems in your own applications.

Watch a 10 minute discussion on Log4j, security processes and prioritization, and how Payara dealt with the vulnerability.

A demonstration of log4j exploits, which defenses people tried, and which worked. A look at open source funding models, subscriptions, and bug bounty programs to see why it’s sometimes hard to donate.

Learn about common threats, vulnerabilities, and misconfiguration including the recently disclosed issues in Log4j.